Category: Public Safety Broadband

Today we finalized a two-year agreement to work with Securelogix on a pilot to research Telephony Denial of Service (TDoS). The Department of Homeland Security Science and Technology Directorate is funding the pilot.

Securelogix will install equipment at our two core node locations, initially to collect call data. Here in Palm Beach County, we have a backup PSAP that will be used for testing purposes in the future as the pilot project evolves.

Attacks on our national 9-1-1 infrastructure are incredibly serious- overwhelming the system with ‘fake calls’ can prevent a legitimate call from being answered and dispatched.

Today there is no easy answer on how to address an active TDoS attack. We are hopeful that this project will produce useful data to formulate a response that can benefit the entire 9-1-1 community.

Like this:

There is discussion in the 9-1-1 community regarding FirstNet and how it might relate to Next Generation 9-1-1. Here in Florida, we recently received a formal briefing on FirstNet.

As a reminder- in the world of the First Responder, the current Land Mobile Radio (LMR) system for voice will remain. The initial FirstNet deployments will be data only.

SO…

Disclaimer- The following are my personal thoughts.

FirstNet may become much more than a wireless network. They have the ability to become THE leader in specialized public safety applications, applications that could be used by First Responders nationwide, regardless of whether their state has chosen to ‘opt-in’ or ‘opt-out’.

There is also the potential that they could host existing software applications, maybe providing a value add by obtaining a larger volume licensing agreement from the vendor, an incentive to utilize the FirstNet Core.

In ‘NextGen’ 9-1-1, voice is an application. By this I mean that it utilizes SIP (session initiation protocol), which operates at Layer 7, the application layer of the OSI model. Translation- voice is an application.

FirstNet could offer VOICE services for the 9-1-1 community. Simply add a hosted voice server to the graphic above. This could be of tremendous value, especially to those states (mostly home rule) who are still putting together their NextGen 9-1-1 strategy. FirstNet needs a core backbone network, why not provide voice services? Voice uses very little bandwidth.

The other aspect is that this lays the foundation for a real Public Safety Broadband Network. We do not need to pay for and operate TWO networks- it certainly does not happen in the business world.

Connecting from the core network to the 9-1-1 center (PSAP), it would make sense to have two types of connections, one land based and one wireless. Diversity..

And the critical aspect of security– we expect to utilize pictures and videos on the FirstNet wireless network. What better way to control the pictures and videos planned to be coming inbound to 9-1-1? Have them ‘land’ in the FirstNet core, when they can be dealt with and controlled prior to potentially being pushed out to First Responders.

Intrado (now West) pioneered the concept of hosted 9-1-1 services and the use of LTE wireless as a backup for 9-1-1 Centers (PSAPs). It’s all possible.

Instead of congress funding a separate NextGen 9-1-1 initiative, maybe there could be incremental funding to FirstNet to include the NextGen 9-1-1 services.

and many more….. The telemarketers did not understand that their Robo-Dialer had routed their call to 9-1-1. This specific issue began in South Florida in September and is still in the process of being resolved.

When a wireless caller dials 9-1-1, the system inserts a fake or “pseudo’ phone number (automatic number identifier or ANI) into the 9-1-1 call flow while the wireless callers real phone number is being identified. This pANI is sent, along with the audio, to the PSAP and presented on the call takers screen.

If you look at a cell tower, there are normally three sides or sectors and each sector has a group of these ‘fake’ or ‘pseudo’ numbers associated with it.

By design, you should not be able to directly dial these ‘fake’ phone numbers- Example below-

What we now understand is that one of the major wireless carriers utilized phone numbers that can be dialed directly in their 9-1-1 configuration.

SO- A telemarketing company loaded a series of sequential phone numbers into their dialer, and the fake or pANI phone numbers were included. Because the wireless carrier had these numbers configured wrong, the robo caller dialed the number and directly connected their telemarketer to 9-1-1.

It took a lot of research and time to identify the root cause. Tremendous frustration on the part of 9-1-1 call takers who endured this issue for weeks.

Eventually the root cause was identified and the wireless carrier began making the appropriate configuration changes (requesting non-dialable numbers to be used as the pANI) throughout their network.

Now- if we actually had Geospatial routing, the need for the pANI would go away…

Like this:

When I took over this project in 2013, one feature that appealed to me was geospatial routing. Instead of wireless 9-1-1 calls being routed to a PSAP based on the cell tower/sector database, it would now be routed to the correct PSAP based on the location of the caller. (You NG9-1-1 technical types out there- you know the acronyms and flow)

We have hundreds of cell towers and 18 PSAPs, so the idea of avoiding/reducing 9-1-1 transfers between PSAPs made tremendous sense.

There were plans to create a geofence around our main courthouse and the airport. Both of these facilities are located within the City of West Palm Beach, yet – as County facilities- are staffed by the County Sheriffs Office. Placing a geofence around these properties and routing 9-1-1 calls from within the geofence directly to the Sheriffs Office makes sense and, as we were told, easy to do.

Our GIS team attended training, reviewed the standards and went to work on preparing our data. A few months ago, after having the data professionally ‘vetted’, we felt that we were ready to move forward with location based- geospatial- routing.

Around this same time we were asked to look at the current routing of 9-1-1 calls FROM the Town of Palm Beach. Donald Trump has a ocean front home on the island (not far from our offices). The town is a 16 mile long, narrow, barrier island. There are only a few cell towers. As a result, a number of 9-1-1 calls that originate on the island are connected to cell tower sectors across the intracoastal waterway. They are routed first to a ‘mainland’ PSAP and then transferred back to the island.

The ideal scenario would be to route all 9-1-1 calls directly to the Town of Palm Beach PSAP. In this scenario, turning on geospatial routing made sense.

In our industry there is a lot of talk about implementing this feature. So- when we reached out to the wireless carriers to let them know we were ready- we were surprised at the response.

Today, wireless carriers in our area are not ready to transition away from the MSAG and cell sector routing. It appears to be a complex issue. A portion of the 9-1-1 fee is returned to the carriers for providing 9-1-1 services (including the MSAG), so moving away from this may take time.

I have been told that there are NG9-1-1 deployments out there that are doing geospatial routing. I do not mean holding the call and waiting for the ‘Phase 2’ data as the initial input..

If you are reading this and are truly doing geospatial, please comment below – I’d love to speak with your wireless provider. In the meantime there are options being discussed in certain working groups, led by the FCC.

Like this:

One aspect of FirstNet that I truly respect is the fact that they are funded, organized and empowered regarding their mission. They have the potential to positively impact Public Safety on a national level.

Things are not as well defined with NextGen 9-1-1. At the state level, we currently have extremes regarding 9-1-1 Boards and their authority. While some states are up and running with NextGen, others are struggling with the initial planning. Two States (Wisconsin and Missouri) do not even have a state level 9-1-1 Board.

Laurie Flaherty and her team @ 911.GOV have done a great job collecting and interpreting data from states.

Depending on the specific details, Home Rule can play a major role in the lack of centralized authority for 9-1-1.

There are initiatives today at the federal level regarding funding for Next Generation 9-1-1. We do not want the scenario of a state receiving funding for NextGen without a definitive plan. For those states that do not yet have a plan in place, one option is to engage the Department of Homeland Security Office of Emergency Communications.

This VIDEO may prove of interest. I participate as a subject matter expert (SME) for DHS and believe this program to be of tremendous value.

Share this:

Like this:

There are 16 specific sectors in the U.S. that are considered critical infrastructure. 9-1-1 is part of the Emergency Services sector, as defined by Homeland Security.

If you have a legacy PSAP (Public Safety Answering Point or 9-1-1 Center), you depend on the local telephone carrier to keep their central office equipment up and running during any event. The challenge then becomes the local connections- analog phone lines, T1, PRI, etc that connect your PSAP. These are typically single threaded, even if you have two connections from the same provider, they can end up on the same fiber or the same central office.

If you are planning to implement a Next Generation 9-1-1 system, you CAN have much more control over this situation.

Commercial business, especially large companies, understand the critical importance of ‘uptime’ to their business model. It is common practice to have a least two facilities that house their critical servers (data centers) and multiple telecom providers.

Consider putting a multi-telecom carrier requirement in your RFP. A primary and backup (or active/active model) for your NG9-1-1 Core Services equipment should be standard. Your NG9-1-1 PSAP could have have a circuit from your local Telco, maybe a wireless LTE connection (router card) to a different vendor and if you have an alternate provider (maybe your local cable company offers business broadband), include that in the mix.

Bottom line, you protect your PSAP operations by not tying yourself to single vendor.

The culture, for years in the 9-1-1 community, has been one of trusting the local telco to take care of everything outside of the building. If we truly want to maintain as much uptime as possible and see our PSAPs as part of the nations Critical Infrastructure, then we need to step up and get involved in defining these requirements.

Like this:

There are three broad categories of hackers:

Destructive (crash a website, destroy data)

Social Justice (Edward Snowden, WikiLeaks)

Those that want to make a Profit

One of the popular tactics used by those in category 3 is to hack into a company database (such as Target) and steal credit card information. The hacker can then take these to a “Cyber Pawn Shop” where the list would be published for sale on the ‘Deep Web’

These ‘Cyber Pawn Shops’ sites will sell credit cards in bulk, the price is normally reduced as they ‘age’ in time. Bottom line- it is better to to steal LOTS of credit card info, which is why a hack such as Target was possibly a large financial score.

Now we are seeing a dramatic increase in Ransom Attacks. The hacker goes into the computer system, takes control and encrypts operational data, demanding payment for a password.

On one level this approach makes better business sense:

Eliminate the middleman (Cyber Pawn Shops)

Hackers set their own price

In some of the recent attacks, systems were simply shut down. Earlier this year a hospital had its medical records encrypted- basically shutting down the hospital (Hollywood Presbyterian Medical Center) until a ransom was paid.Hospitals, schools and cities are estimated to have paid hundreds of millions of dollars to date (source- CHRIS FRANCESCANI- NBC News).

Hackers are also targeting Police Departments nationwide.

A quote from the August 19, 2016 Wall Street Journal article by Robert McMillan:

“According to the U.S. Department of Justice, ransomware attacks have quadrupled this year from a year ago, averaging 4,000 a day. Typical ransomware payments range from $500 to $1,000, according to cyberrisk data firm Cyence Inc., but some hackers have demanded as much as $30,000.” Link

One aspect of this that is of great concern- in many cases these organizations have an IT department and security policy. They have purchased the typical ‘products’ such as firewalls, etc. So how can this be happening?

Today it is estimated that over 90% of the Ransom Hacks enter through a ‘phishing’ email, which an employee ‘clicks on’.

SO- based on the above, we can see two issues:

Employees may not be properly trained regarding email security

If you’ve already transitioned to an IP based NG9-1-1 system you are safe- for the moment- as email is not directly connected.

But how about future hacking techniques or 9-1-1 text messages with hyperlinks?

APCO Project 43, NENA and the FCC Task Force on Optimal PSAP Architecture (TFOPA) are all discussing the issue of security as we transition to IP. We should stay plugged into their ongoing recommendations…

Share this:

Like this:

One of the greatest impacts the transition to Next Generation 9-1-1 will have is to those individuals providing technical support.

So, let’s put this in perspective- below shows the traditional 9-1-1 system today.

When a PSAP calls for support, the first thing the provider might ask for is the circuit information. Based on the diagram above, this makes sense- I check the circuit, then the equipment on either end. All 9-1-1 calls are send to the Local Telephone Company and its Selective Router. So, if things look good on the telco end and the circuit (CAMA Trunk) appears to be functioning, the next step is to check the equipment in the PSAP. Maybe a dispatch to the PSAP to address the issue.

An important factor- the above picture shows that everything is:

Local

Linear and connected

Logical to troubleshoot

9-1-1 Calls flow from left to right

Problems and outages are normally isolated to a single PSAP– there is no ‘network’

So imagine you’ve been in your role for awhile. You understand how things are connected, the different vendors, you are good at your job. You understand the critical nature and the importance of resolving any 9-1-1 issue as quickly as possible.

One day you receive a call from a PSAP that is connected to an ESInet (Emergency Services IP Network). Hello NextGen..

Our model here in Palm Beach County, FL now looks like this:

There is more than one selective router and they are located over a hundred miles apart

The call processing has been removed from the local PSAP and is now ‘hosted’, in our case, in Data Centers – one five counties north. There are now two Call Processing systems and they support ALL of the PSAPs

A technical issue might affect one, many or ALL PSAPs

In the world of Internet Protocol (IP), things are connectionless, meaning that you are going to need additional technical support to see how the specific 9-1-1 call flowed through the system. There is no dedicated path a 9-1-1 call must follow. GIS and other I3 functions may engage

The complexity of the support model has now changed dramatically

The “Time to Repair” a problem has the possibility, especially during these times of transition, to be extended

If you provide technical support in this environment- thank you. Management has hopefully provided you and your team with a diagram that depicts each customers layout…

Training, staffing and procedures are all issues our vendors and partners are working to address.

Share this:

Like this:

Recently, the Federal Government released a committee report. This report included the recommendation that the Standard Occupational Classification (SOC), NOT be modified to change the classification of Public Safety Telecommunicator from “Office and Administrative Support” to critical public safety professional. This was in direct opposition to the recommendations from APCO, NENA and the Congressional NextGen 9-1-1 Caucus.

The hope was that the committee would agree to reclassify Telecommunicator as a “Protective Service Occupation”. This is the same category as firefighters, police officers (and life guards).

Brian Fontes, CEO of NENA – “The men and women of 9-1-1 do so much more than just answer the phone. They guide callers through life-saving procedures, provide advice on how to handle dangerous situations, and provide critical backup to field responders, all while under great stress and pressure.”

APCO President Brent Lee- ” I am extremely disappointed that the Policy Committee failed to address the inaccurate classification of Public Safety Telecommunicators in the SOC.”

It would appear that the Office of Management and Budget does not ‘hear’ the compelling story of the service Call Takers and Dispatchers provide.

As I understand it, NENA and APCO will be meeting with both OMB and Congress in an effort to resolve this before the SOC classification is finalized in 2017.

One thought- The Washington, D.C. “Unified Command” PSAP is only a 16 minute drive from the Office of Personnel Management. I had the pleasure of meeting Karima Holmes , the Director, last week. I am sure that she would be more that willing to give the OPM Committee Members a tour.

Also, Googles’ mobile operating system, Android, commands approximately 80% of the market globally and almost 60% of the market in the United States.

And now:

Google has announced an Android feature that can provide accurate location information for wireless 9-1-1 callers. It is currently available in the UK and Estonia.

Per Akshay Kannan, Google Product Manager “this uses the same location technologies available on your phone, including Wi-Fi, GPS, and cell towers, to produce a more reliable emergency location both indoors and outdoors.”

There is no app to install. Instead, Google will work with each wireless provider to allow the location information that Android calculates to be utilized by 9-1-1. An individual calling 9-1-1 would not need to have any knowledge of the technology or do anything special (e.g. search for their 9-1-1 app), they simply dial 9-1-1.

Google is reportedly in discussion with U.S. wireless providers.

So, without any technical details, Google has “put it out there” that they can assist the 9-1-1 community and the general population. Exactly how this technology works, or how the wireless carriers will utilize it, is not yet clear. We can guess, however, that this may be a major breakthrough that could immediately assist Calltakers by better identifying the location of the 9-1-1 caller.

We are all aware that last year the Federal Communications Commission (FCC) adopted new rules around 9-1-1 location accuracy. APCO Website on the the FCC Location Rules. Will the wireless carriers utilize this technology to quickly provide more accurate location data for 9-1-1 callers? Or possibly use it to augment other plans?

I am hopeful that more information will be provided in the near term.

Also, I hope our friends at Apple have a similar offering in the works. I turned down an offer to work on Tim Cook’s team back in 2004- I’m not sure he will take my call…